Future Students

Whether you’re a high school student, graduate student, international student, nontraditional student or military service member, now’s your chance to discover CMU and put your stamp on the world. More...

Smartphone Security

In November 2013, CMU's Department of Computer Science was visited and interviewed by Traverse City's CBS affiliate about the issue of smartphone security. Reports have been surfacing that indicate smartphones present a security risk by revealing the location of the user, since through geo-tagging, GPS coordinates can be embedded into the header portion of an image file. Anyone with the correct software can then determine the exact location of where the picture was taken.

On iOS devices, this feature is enabled by default, allowing users to perform useful tasks, such as searching through their photos by location. Many people take several photos using their smartphones, but if you ask someone, for example, to show you pictures of their trip to Alaska last summer, they will have a hard time going back through hundreds of pictures to try to find the ones that pertain to that particular trip. However, with geo-tagging enabled, a smartphone user simply has to look at a map of the United States and zoom to the state of Alaska. Then all of the photos taken in that location will be shown.

Unfortunately, criminals are increasingly taking advantage of geo-tagging to find out where a person is. If you take a photo and email it to all of your friends, anyone that they then share that photo with is able to figure out exactly where you were when that photo was taken. Some people are concerned that if a picture of their child is shared, for example, criminals will be able to determine exactly where their favorite park is. While this is true, it is also not as widespread as most people believe.

Social media sites like Facebook and Instagram remove all geo-tagged information by default so that pictures available on these publicly-visible platforms will not contain any geographic information relating to where the photo was taken. Of course, any signage in the background of the photo may contain clues to the location, so anyone posting a photo needs to be aware of the content within it.

The important thing to remember is that photos taken with a smartphone that are then emailed will still contain the geo-tagged information by default, but this geo-tagging information capture is a feature can be turned off in the settings menu of the device, thereby preventing any security issues from arising.